Usage authorization control for group communications in a communication network

ABSTRACT

Embodiments described herein provide usage authorization control for group communications. In one embodiment, a network element identifies a group communication for an end user of User Equipment (UE), and identifies a group ID for the group communication. The network element retrieves a user profile of the end user from a Home Subscriber Server (HSS), and determines from the user profile and the group ID whether the end user is a member of the group. The network element provides, on the condition that the end user is a member of the group, the group ID to the HSS and receives group usage rules for the group from the HSS. The network element allows the group communication on the condition that the group communication is permitted by one or more of the group usage rules.

FIELD OF THE INVENTION

The invention is related to the field of mobile communicationtechnology.

BACKGROUND

A 3G/4G network provides end users with mobile data services utilizingUser Equipment (UE) such as smartphones, laptops, tablets, and smartwatches. For example, an end user may utilize a UE to engage in sessionswith the 3G/4G network in order to send/receive group communicationswith other end users. Group communications may include group voicecalls, group Short Message Service (SMS) messages, group multimediamessages, etc.

With the rise in popularity of group messaging services, problems canarise in ensuring that the senders of group communications, thereceivers of group communications, or both, are authorized toparticipate in the group communications. The result may be the rise inunsolicited or unauthorized group communications being serviced by the3G/4G network, which may impact the performance of the 3G/4G network.Further, users of the network may be unable to utilize groupcommunication services due to unwanted spam.

SUMMARY

Embodiments described herein provide usage authorization control forgroup communications utilizing user profile information stored by a HomeSubscriber Server (HSS) and group usage rules stored at the HSS. When agroup communication for an end user of UE is identified, the IMS networkidentifies a group ID for the group communication, and utilizes thegroup ID to determine if the user profile indicates whether the end useris a member of the group. If the end user is a member, then the IMSnetwork identifies group usage rules stored at the HSS for the groupcommunication, and determines whether to allow the group communicationbased on the group usage rules.

In an embodiment, a network element configured to identify a groupcommunication for an end user of User Equipment (UE), and to identify agroup ID for the group communication. The network element is configuredto retrieve a user profile of the end user from a Home Subscriber Server(HSS), and to determine from the user profile and the group ID whetherthe end user is a member of the group. The network element is configuredto provide, on the condition that the end user is a member of the group,the group ID to the HSS and receive group usage rules for the group fromthe HSS, and to allow the group communication on the condition that thegroup communication is permitted by one or more of the group usage rules

In an embodiment, the network element is configured to determine thatthe end user is a member of the group responsive to identifying that thegroup ID is included in the user profile.

In an embodiment, the network element is configured to determine thatthe end user is a member of the group on the condition that the group IDis included in the user profile.

In an embodiment, the network element is configured to reject the groupcommunication for the end user on the condition that the group ID of theend user is missing from the user profile.

In an embodiment, the network element is configured to use the group IDto identify members of the group from the user, and to forward the groupcommunication to UEs of the identified members.

In an embodiment, the group communication comprises a Mobile Terminated(MT) group communication, wherein the end user is a receiving end user,the network element is configured to identify an originating end userfor the MT group communication, and the network element is configured toexclude the receiving end user from the MT group communication on thecondition that the user profile of the receiving end user and the groupID indicate that the originating end user is not a member of the group.

In an embodiment, the group usage rules define at least one of a type ofservice authorized for the group communication and an allowable contentfor the group communication.

In an embodiment, the group usage rules define at least one of a time atwhich the group communication is allowed to be sent by the end user anda time at which the group communication is allowed to be received by theend user.

In an embodiment, the group usage rules define at least one of whetherthe end user is permitted generate a Mobile Originated (MO) groupcommunication and whether the end user is permitted receive a MobileTerminated (MT) group communication.

Another embodiment is a method for usage authorization control for groupcommunications. The method comprises identifying, by a network element,a group communication for an end user of UE, and identifying, by thenetwork element, a group ID for the group communication. The methodcomprises querying, by the network element, an HSS for a user profilefor the end user, and processing, by the network element, the userprofile using the group ID to determine whether the end user is a memberof the group. The method comprises, performing, on the condition thatthe end user is a member of the group, the steps of querying, by thenetwork element, the HSS with the group ID for group usage rules for thegroup, and determining, by the network element, whether to allow thegroup communication based on the group usage rules.

Another embodiment comprises a terminating network element that isconfigured to identify an originating end user of a Mobile Terminated(MT) group communication directed to a receiving end user, and toidentify a group ID for the group communication. The terminating networkelement is configured to allow the MT group communication only on thecondition that group usage rules provided by a Home Subscriber Server(HSS) indicate that the receiving end user and the originating end userare members of a group identified by the group ID.

Other example embodiments may be described below.

DESCRIPTION OF DRAWINGS

Some embodiments are now described, by way of example only, and withreference to the accompanying drawings. The same reference numberrepresents the same element or the same type of element on all drawings.

FIG. 1 illustrates a communication system in an example embodiment.

FIG. 2 is a flow chart illustrating a method for usage authorizationcontrol of group communications in an example embodiment.

FIG. 3 illustrates another communication system in an exampleembodiment.

FIG. 4 is a flow chart illustrating a method for usage authorizationcontrol of Mobile Terminated (MT) group communications in an exampleembodiment.

FIG. 5 illustrates another communication system in an exampleembodiment.

DESCRIPTION OF EMBODIMENTS

The figures and the following description illustrate specific exampleembodiments. It will thus be appreciated that those skilled in the artwill be able to devise various arrangements that, although notexplicitly described or shown herein, embody the principles of thedisclosure and are included within the scope of the claimedinvention(s). Furthermore, any examples described herein are intended toaid in understanding the principles of the described embodiments, andare to be construed as being without limitation to such specificallyrecited examples and conditions. As a result, the disclosure is notlimited to the specific embodiments or examples described below, but bythe claims and their equivalents in view of the following description.

FIG. 1 illustrates a communication system 100 in an example embodiment.Communication system 100 may represent a Long Term Evolution (LTE)network (e.g., an Evolved Packet Core (EPC) network) or another type ofSecond Generation (2G), Third Generation (3G), Fourth Generation (4G),or later generation communication network. Communication system 100includes a Radio Access Network (RAN) 110 and a core network 120. RAN110 and core network 120 provide mobile communication service to enduser 101 utilizing devices, such as UE 102. Core network 120 establishesand maintains sessions for UE 102 for end user 101 to allow UE 102 toaccess data services. UE 102 may be a mobile terminal, such as a mobilephone, a computer, a tablet, etc. UE 102 is able to access core network120 through RAN 110, which comprises any type of network that interfacesUEs with core network 120. Some examples of RAN 110 are a UMTSTerrestrial Radio Access Network (UTRAN), an enhanced UTRAN (E-UTRAN),an Interworking-Wireless Local Area Network (I-WLAN), etc. In thisembodiment, core network 120 provides group communications to UE 102.The group communications may include a group Voice over IP (VOIP) call,a group multimedia message, a group SMS message, etc.

In this embodiment, core network 120 includes a network element 121 thatis coupled to an HSS 122. Network element 121 may include a MobileManagement Entity (MME), a serving GPRS support node (SGSN), a MobileSwitching Center (MSC), a Short Message Service Center (SMSC), anApplication Server (AS), a Call Session Control Function (CSCF), an IPShort Message Gateway (IP-SM-GW), etc.

HSS 122 in this embodiment stores a user profile 123 for end user 101.User profile 123 includes one or more group IDs 124. Group IDs 124 areused to indicate to which communication groups end user 101 and/or UE102 belong, if any. For instance, if end user 101 belongs to a SMS groupassociated with users X, Y, and Z, then user profile 123 may define (viagroup IDs 124) that end user 101 and users X, Y, and Z belong to aparticular group ID for group SMS communications. Using the group ID,network element 121 is able to ensure that authorization and usagecontrol policies can be applied whenever end user 101 attempts to sendgroup communications to, or receive group communications from, thegroup.

HSS 122 in this embodiment stores group usage rules 125. The group usagerules 125 may also be stored in another network element or a standalonedevice. In this embodiment, group usage rules 125 define variouscriteria for allowing/rejecting the group communication for end user101. For instance, group usage rules 125 may specify criteria forallowing/rejecting SMS group messages sent by/sent to, end user 101.

During operation, network element 121 may operate as a MobileOriginating (MO) network element in communication system 100 or as aMobile Terminating (MT) network element in communication system 100.Network element 121 may operate as a MO network element when end user101 utilizes network element 121 to send group communications to membersof the group, while network element 121 may operate as a MT networkelement when other members in the group send group communications to enduser 101. Network element 121 generally includes any component, system,or device that is able to implement authorization and usage controlpolicies for group communications for end user 101 utilizing group IDs124 and/or utilizing group usage rules 125.

In FIG. 1, assume for the purpose of discussion that UE 102 registerswith communication system 100 in order to participate in groupcommunication services provided by communication system 100.

FIG. 2 is a flow chart illustrating a method 200 for usage authorizationcontrol of group communications in an example embodiment. The steps ofmethod 200 will be described with reference to communication system 100in FIG. 1, although method 200 may be performed in other networks orsystems. Methods described by the flow charts presented herein mayinclude other steps omitted for clarity. The steps may also be performedin an alternative order.

Network element 121 identifies a group communication for end user 101(step 202 of FIG. 2). The group communication may be, e.g. a MO groupcommunication or a MT group communication. Network element 121identifies a group ID for the group communication (step 204). Forinstance, if the group communication is an SMS message, then networkelement 121 may process the SMS message to retrieve the group ID fromthe SMS message. Network element 121 queries HSS 122 for user profile123 for end user 101 (step 206). Network element 121 determines if userprofile 123 indicates that end user 101 is a member of the group (step208). For example, network element 121 may determine if any of group IDs124 in user profile 123 match the group ID identified in the groupcommunication. As end user 101 may be part of multiple groups, userprofile 123 may include any number of group IDs 124.

If end user 101 is not a member of the group (e.g., the group ID doesnot match any of group IDs 124 in user profile 123), then networkelement 121 rejects the group communication (step 210). This ensuresthat end user 101 does not receive or send group communications to thegroup unless end user 101 is a member of the group.

If user profile 123 does indicate that end user 101 is a member of thegroup (e.g., user profile 123 does include a match for the group ID forthe group communication), then network element 121 queries HSS 122 withthe group ID of the group communication for group usage rules 125associated with the group ID (step 212). Network element 121 determineswhether to allow the group communication based on group usage rules 125(step 214). If group usage rules 125 for the group ID do not allow thegroup communication, then network element 121 rejects the groupcommunication (step 210). However, if group usage rules 125 for thegroup ID allow the group communication, then network element 121 allowsthe group communication (step 216).

Some examples of group usage rules 125 include which type of service isauthorized for group communications. For instance, SMS services may beallowed for group communications, while VoIP services may be denied.

Another example of group usage rules 125 is the allowable content forgroup communications. For example, Hyper Text Transfer Protocol (HTTP)links may not be allowed in group communications, specific key words maynot be allowed in group communications, embedded pictures may not beallowed in group communications, etc.

Another example of group usage rules 125 is a time at which groupcommunications are allowed to be sent by end user 101. For instance,group usage rules 125 may define that group communications may only besent by end user 101 during work hours, may define that groupcommunications may only be sent by end user 101 on specific days, etc.

Another example of group usage rules 125 is a time at which groupcommunications are allowed to be received by end user 101. For instance,group usage rules 125 may define that group communications may only bereceived by end user 101 during work hours, may define that groupcommunications may only be received by end user 101 on specific days,etc. This type of rule may be used in cases whereby group communicationsare queued for delivery at a time that is different than when the groupcommunications were originally generated. For instance, an automatedsystem may attempt to generate SMS messages for end user 101 outside ofbusiness hours, which may be rejected based on group usage rules thatdefine that group communications are only allowed for end user 101during business hours.

Another example of group usage rules 125 is whether end user 101 maygenerate MO group communications. For instance, end user 101 may beallowed to send group communications but not to receive groupcommunications. This type of rule may be useful in cases where it isimportant to allow end user 101 to notify the group of specific events,while preventing end user 101 from receiving a number of irrelevantcommunications from the group.

Another example of group usage rules 125 is whether end user 101 mayreceive MT group communications. For instance, end user 101 may beallowed to receive group communications but not to send groupcommunications. This type of rule may be useful in cases where end user101 is part of a distribution group that does not allow members to sendgroup communications to other members in the group.

Utilizing group IDs 124 and group usage rules 125, network element 121is able to ensure that group communications can be authenticated and theusage of group communications can be controlled by core network 120. Forinstance, if an entity attempts to send group communications to end user101 and end user 101 is not participating in the specific group that thegroup communication relates to, then network element 121 is able toreject the group communication for end user 101. This may reduce spamgroup communications that may be sent to end user 101, and also mayreduce the network load on core network 120. In the converse, if enduser 101 attempts to send group communications to other end users (notshown) and end user 101 does not participate in the specific group thata group communication relates to, then network element 121 is able toreject the group communication for end user 101. This may reduce spamgroup communications that may be sent from end user 101 to the group,and also may reduce the network load on core network 120.

In some embodiments, the group communication may be a MO groupcommunication sent by end user 101 to the group. In this case, networkelement 121 may process user profile 123 for end user 101 to identifyother members associated with the group ID, and forward the groupcommunication to the other members in the group. For instance, an entryin user profile 123 for end user 101 may include not only the group IDfor a particular group, but also include routable destinations (e.g.,telephone numbers) for the other members in the group. This may allownetwork element 121 to distribute MO group communications to othermembers associated with the group communication.

In some embodiments, the group communication may be a MT groupcommunication that is received by end user 101 from the group. In thiscase, network element 121 may not be involved in the MO processing forthe group communication. For instance, a MT group communication mayarrive from a foreign network.

FIG. 3 illustrates another communication system 300 in an exampleembodiment. Communication system 300 may represent an LTE network (e.g.,an EPC network) or another type of 2G, 3G, 4G, or later generationcommunication network. Communication system 300 includes a Radio AccessNetwork (RAN) 310 and a core network 320. RAN 310 and core network 320provide mobile communication service to end user 302 utilizing devices,such as UE 304. Core network 320 establishes and maintains sessions forUE 304 for end user 302 to allow UE 304 to access data services. In thisembodiment, core network 320 provides MT group communications to UE 102.The MT group communications may include a MT group VOIP call, a MT groupmultimedia message, a MT group SMS message, etc.

In this embodiment, core network 320 includes a network element 321 thatprocesses MT group communication for end user 302. Network element 321is coupled to an HSS 322. Network element 321 may include a MME, a SGSN,a MSC, a SMSC, an Application Server (AS), a CSCF, an IP-SM-GW, etc.

HSS 322 in this embodiment stores a user profile 323 for end user 302and group IDs 324. Both user profile 323 and group IDs 324 may besimilar to the user profile 123 and group IDs 124 previously describedfor FIG. 1. HSS 322 also stores group usage rules 323, which may besimilar to the group usage rules 125 previously described for FIG. 1.

In this embodiment, network element 321 of core network 320 is coupledwith a network 330 that provides access to end user 301 via UE 303 forsending group communications to end user 302.

Assume for the purpose of discussion for this embodiment that end user301 utilizes UE 303 to generate a MT group communication for end user302. The MT group communication is forwarded by network 330 to networkelement 321 for processing. Further assume for the purpose of discussionthat the network 330 is a foreign network, e.g. a network locatedoutside the jurisdictional boundaries of the core network 320. The MTgroup communication may be a Mobile Terminated SMS message (MT-SMS), aMobile Terminated Call (MTC), a Mobile Terminated MultiMedia Message(MT-MMS), etc.

FIG. 4 is a flow chart illustrating a method 400 for usage authorizationcontrol of Mobile Terminated (MT) group communications in an exampleembodiment. The steps of method 400 will be described with reference tocommunication network 300 in FIG. 3, although method 400 may beperformed in other networks or systems.

Network element 321 identifies an originating end user (e.g., user 301)of a MT group communication directed to a receiving end user (e.g., user302; step 402 of method 400). Network element 312 may process the MTgroup communication to identify an ID or phone number associated with UE303.

Network element 321 identifies a group ID for the MT group communication(step 406). The Group ID may be included in headers, signaling, etc.,for the MT group communication. Network element 321 determines if groupusage rules 323 provided by

HSS 322 indicate that the receiving end user (e.g., user 302) and theoriginating end user (e.g., user 301) are members of a group identifiedby the group ID (step 406). If the receiving end user and theoriginating end user are members of the group, then network element 321allows the group communication (step 410). If either the receiving enduser or the originating end user is not a member of the group, thennetwork element 321 rejects the group communication (step 408).

EXAMPLE

FIG. 5 illustrates a communication system 500 in an example embodiment.Communication system 500 includes multiple communication networks, whichare illustrated as GSM network 510 and core network 520 in thisembodiment. GSM network 510 includes a Home Location Register (HLR) 512and a Mobile Switching Center (MSC) 514. HLR 512 is a central subscriberdatabase that stores subscription information and other details (e.g.,subscriber profiles) of mobile devices (e.g., UE 503 for end user 501)that are authorized to use GSM network 510. MSC 514 is the serving nodefor mobile devices, and is responsible for handling voice calls, SMS,and other services in GSM network 510.

Core network 520 includes a Proxy-Call Session Control Function (P-CSCF)522, a Serving-Call Session Control Function (S-CSCF) 524, and a HomeSubscriber Server (HSS) 526. P-CSCF 522 is the entry point to the IMSdomain and serves as the outbound proxy server for IMS devices (e.g., UE504 for end user 502). S-CSCF 524 is the central node of the signalingplane, and performs session control for devices that initiate sessionsover core network 520. S-CSCF 524 communicates with devices over one ormore access networks that are not shown in FIG. 5. HSS 526 is asubscriber server that stores subscription-related information (e.g.,user profiles), performs authentication and authorization of end users(e.g., end user 502), provides information about the subscriber'slocation, etc. In this embodiment, HSS 526 has been enhanced to store anenhanced user profile 505 for end user 502, which includes group IDsassociated with communication groups. HSS 526 has further been enhancedto store group usage rules 506. Group usage rules have been previouslydiscussed with respect to FIGS. 1-2. In this embodiment, core network520 serves UE 504.

Core network 520 also includes SMS Center (SMSC) 542. SMSC 542 comprisesany node that delivers SMS messages. SMSC 542 also includes SMS gatewayfunctionalities to interwork signaling between networks that use adifferent signaling protocol. For example, if a network or device usesShort Message Peer-to-Peer (SMPP) protocol to exchange SMS messages,then SMSC 542 is able to interwork the SMPP protocol messages to SIP andvice-versa. In this embodiment, SMSC 542 has been enhanced to applyusage authorization control to group SMS communications.

Assume for the purpose of discussion for the example that end user 502uses UE 504 to send a MO-SMS message to group X at 3AM. SMSC 542identifies the MO-SMS message from end user 502, and queries HSS 526 foruser profile 505 for end user 502. In the example, user profile 505 hasan entry for group X, which identifies that group X includes end user501 and end user 502. SMSC 542 continues to process the MO-SMS messagebecause end user 502 is a member of group X. If SMSC 542 had determinedthat end user 502 was not a member of group X (e.g., user profile 505for end user 502 did not include an entry for group X), then SMSC 542rejects the MO-SMS message.

SMSC 542 determines that end user 502 is a member of group X, andtherefore, SMSC 542 queries HSS 526 for group usage rules 506 for groupX. In the example, group usage rules 506 indicate that one of the rulesfor group X is that no MO-SMS messages are allow from 1 AM to 5 AM.However end user 502 generated the MO-SMS message at 3AM in thisexample. SMSC 542 rejects the MO-SMS message from end user 502 due tothe usage rule for group X precluding MO-SMS messages from 1 AM to 5 AM.If the MO-SMS message had been sent by end user 502 outside of the 1AM-5 AM exclusion rule in place for group X, then SMSC 542 would allowthe MO-SMS message for group X. If allowed, SMSC 542 may then identifyend user 501 as a member of group X, and forward the MO-SMS message fromend user 502 to MSC 514 for delivery to end user 501.

Any of the various elements shown in the figures or described herein maybe implemented as hardware, software, firmware, or some combination ofthese. For example, an element may be implemented as dedicated hardware.Dedicated hardware elements may be referred to as “processors”,“controllers”, or some similar terminology. When provided by aprocessor, the functions may be provided by a single dedicatedprocessor, by a single shared processor, or by a plurality of individualprocessors, some of which may be shared. Moreover, explicit use of theterm “processor” or “controller” should not be construed to referexclusively to hardware capable of executing software, and mayimplicitly include, without limitation, digital signal processor (DSP)hardware, a network processor, application specific integrated circuit(ASIC) or other circuitry, field programmable gate array (FPGA), readonly memory (ROM) for storing software, random access memory (RAM),non-volatile storage, logic, or some other physical hardware componentor module.

Also, an element may be implemented as non-transitory instructionsexecutable by a processor or a computer to perform the functions of theelement. Some examples of instructions are software, program code, andfirmware. The instructions are operational when executed by theprocessor to direct the processor to perform the functions of theelement. The instructions may be stored on storage devices that arereadable by the processor. Some examples of the storage devices aredigital or solid-state memories, magnetic storage media such as amagnetic disks and magnetic tapes, hard drives, or optically readabledigital data storage media.

Although specific embodiments were described herein, the scope of theinvention is not limited to those specific embodiments. Instead, thescope of the claimed invention(s) is determined by the following claimsand any equivalents thereof in light of the preceding description.

We claim:
 1. An apparatus comprising: a network element configured toidentify a group communication for an end user of User Equipment (UE),and to identify a group ID for the group communication; the networkelement configured to retrieve a user profile of the end user from aHome Subscriber Server (HSS), and to determine from the user profile andthe group ID whether the end user is a member of the group; and thenetwork element is configured to provide, on the condition that the enduser is a member of the group, the group ID to the HSS and receive groupusage rules for the group from the HSS, and to allow the groupcommunication on the condition that the group communication is permittedby one or more of the group usage rules.
 2. The apparatus of claim 1wherein: the network element is configured to determine that the enduser is a member of the group on the condition that the group ID isincluded in the user profile.
 3. The apparatus of claim 1 wherein: thenetwork element is configured to reject the group communication for theend user on the condition that the group ID of the end user is missingfrom the user profile.
 4. The apparatus of claim 1 wherein: the networkelement is configured to use the group ID to identify members of thegroup from the user, and to forward the group communication to UEs ofthe identified members.
 5. The apparatus of claim 1 wherein: the groupcommunication comprises a Mobile Terminated (MT) group communication;and wherein the end user is a receiving end user, the network element isconfigured to identify an originating end user for the MT groupcommunication, and the network element is configured to exclude thereceiving end user from the MT group communication on the condition thatthe user profile of the receiving end user and the group ID indicatethat the originating end user is not a member of the group.
 6. Theapparatus of claim 1 wherein the group usage rules define at least oneof: a type of service authorized for the group communication; and anallowable content for the group communication.
 7. The apparatus of claim1 wherein the group usage rules define at least one of: a time at whichthe group communication is allowed to be sent by the end user; and atime at which the group communication is allowed to be received by theend user.
 8. The apparatus of claim 1 wherein the group usage rulesdefine at least one of: whether the end user is permitted generate aMobile Originated (MO) group communication; and whether the end user ispermitted receive a Mobile Terminated (MT) group communication.
 9. Amethod for usage authorization control for group communications, themethod comprising: identifying, by a network element, a groupcommunication for an end user of User Equipment (UE); identifying, bythe network element, a group ID for the group communication; querying,by the network element, a Home Subscriber Server (HSS) for a userprofile for the end user; processing, by the network element, the userprofile using the group ID to determine whether the end user is a memberof the group; performing, on the condition that the end user is a memberof the group, the steps of: querying, by the network element, the HSSwith the group ID for group usage rules for the group; and determining,by the network element, whether to allow the group communication basedon the group usage rules.
 10. The method of claim 9 further comprisingdetermining that the end user is a member of the group by identifying,by the network element, that the group ID is included in the userprofile.
 11. The method of claim 9 further comprising: rejecting, by thenetwork element, the group communication for the end user on thecondition that the group ID is missing from the user profile .
 12. Themethod of claim 9 further comprising: processing, by the networkelement, the user profile using the group ID to identify members of thegroup; and forwarding, by the network element, the group communicationto UEs of the members.
 13. The method of claim 9 wherein: the groupcommunication comprises a Mobile Terminated (MT) group communication andthe end user is a receiving end user; and the method further comprises:identifying, by the network element, an originating end user for the MTgroup communication; determining, by the network element, whether theoriginating end user is a member of the group using the user profile ofthe receiving end user and the group ID ; and rejecting, by the networkelement, the MT group communication for the receiving end user on thecondition that the originating end user is not a member of the group.14. The method of claim 9 wherein the group usage rules define at leastone of: a type of service authorized for the group communication; and anallowable content for the group communication.
 15. The method of claim 9wherein the group usage rules define at least one of: a time at whichthe group communication is allowed to be sent by the end user; and atime at which the group communication is allowed to be received by theend user.
 16. The method of claim 9 wherein the group usage rules defineat least one of: whether the end user is permitted to generate a MobileOriginated (MO) group communication; and whether the end user ispermitted to receive a Mobile Terminated (MT) group communication. 17.An apparatus comprising: a terminating network element configured toidentify an originating end user of a Mobile Terminated (MT) groupcommunication directed to a receiving end user, and to identify a groupID for the group communication; the terminating network elementconfigured to allow the MT group communication only on the conditionthat group usage rules provided by a Home Subscriber Server (HSS)indicate that the receiving end user and the originating end user aremembers of a group identified by the group ID.
 18. The apparatus ofclaim 17 wherein: the terminating network element is configured todetermine that the end user is a member of the group on the conditionthat the group ID is included in a user profile for the end user. 19.The apparatus of claim 17 wherein: the terminating network element isconfigured to determine that the receiving end user and the originatingend user are members of the group by obtaining the user profile from aHome Subscriber Server (HSS) and determining that the receiving end userand the originating end user are both associated with the group ID; andthe terminating network element is further configured to send, on thecondition that the originating end user and the receiving end user aremembers of the group, the group ID toward the HSS and receive the groupusage rules for the group.
 20. The apparatus of claim 17 wherein thegroup usage rules define at least one of: a type of service authorizedfor the group communication; an allowable content for the groupcommunication; a time at which the group communication is allowed to besent by the end user; a time at which the group communication is allowedto be received by the end user; whether the end user is permitted togenerate a Mobile Originated (MO) group communication; and whether theend user is permitted to receive a Mobile Terminated (MT) groupcommunication.